LDAP sync thrown a null pointer exception and disables users
search cancel

LDAP sync thrown a null pointer exception and disables users

book

Article ID: 204148

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

A faulty execution of the LDAP Sync has disabled several accounts. Jobs could no longer be executed. 

The following error is displayed in the LDAP sync log:

<...>
2020-11-26 16:16:13.628 [main] c.a.s.l.l.LDAPService                    ERROR  null
java.lang.NullPointerException: null
 at org.apache.directory.ldap.client.api.LdapNetworkConnection.connect(LdapNetworkConnection.java:670)
 at org.apache.directory.ldap.client.api.LdapNetworkConnection.searchAsync(LdapNetworkConnection.java:1844)
<...>


Subsequently, the application detects a difference between users in LDAP and in the AE system. Instead of retrying after the failing connection a Group is removed and users deactivated:

2020-11-26 16:16:13.630 [main] c.a.s.l.s.AESynchronizationStep          INFO   ===== Start sync g-UC4-4200-qa -> SSMS_USER_GROUP
2020-11-26 16:16:13.630 [main] c.a.s.l.s.AESynchronizationStep          INFO   Find differences between LDAP server and AE server...
2020-11-26 16:16:13.630 [main] c.a.s.l.s.AESynchronizationStep          INFO   Fetching users from LDAP...
2020-11-26 16:16:13.746 [main] c.a.s.l.s.AESynchronizationStep          INFO   ...found 2 users from LDAP groups g-UC4-4200-qa
2020-11-26 16:16:13.746 [main] c.a.s.l.s.AESynchronizationStep          INFO   Fetching users from AE...
2020-11-26 16:16:14.355 [main] c.a.s.l.s.AESynchronizationStep          INFO   ...found 41 user from client 4200, 14 user in group SSMS_USER_GROUP
2020-11-26 16:16:14.394 [main] c.a.s.l.s.AESynchronizationStep          INFO   Found 22 difference(s) between LDAP server and AE server
2020-11-26 16:16:14.395 [main] c.a.s.l.s.AESynchronizationStep          INFO   Apply changes on AE server...

Environment

Release : 12.3

Component : LDAPSYNC

Cause

This is a bug

Resolution

Issue has been fixed in LDAPSync v2.3.1 - Available

Additional Information

As important to prevent an issue you have to add the parameter retryConnect=10 to the different LDAPSync.xml configuration files.

https://docs.automic.com/documentation/webhelp/english/AA/12.3/DOCU/12.3/Automic%20Automation%20Guides/help.htm#LdapSync/setup-configuration.htm?Highlight=retryConnect

Also searchTimeout=60 seconds, should be set to prevent that upon retry the sync times outs to quickly.

Powered by Wolken Software